How to verify placement of a firewall?

Hi, I'm looking for techniques to verify the physical and logical placement of a firewall. Let's assume I have a network map that shows a firewall should be between Systems A and B. From a logical standpoint, all I can think of is to look at the firewall rulebase and look for rules containing source/destination IP addresses for A and B. However, I was thinking that it doesn't prove that there isn't other stuff in between (e.g. A->C->Firewall->B). How would you audit this? Also, how would you verify the physical location... is this even relevant given the size of LANs/WANs? I'm guessing a network map wouldn't give me what I need unless the firewall icon included a physical location, yes? Any tips would be greatly appreciated.

Oh snap, just realized that perhaps this should have been posted in the firewalls sub-forum. I'm looking to build up technical IT audit skills (I've done the soft stuff like auditing for system change approvals, configuration, etc.), thought this would be a good place to post for a noob like myself. I've studied vendor-neutral stuff like CompTIA Security+ and Network+ (thank you Professor Messer and Mike Meyers!) and now I'm looking to translate this into hands-on, practical IT auditing.
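
The rulebase check described in the post, as an added example that is not part of the original post: it matches A and B against each rule's source and destination by address containment, so rules written as subnets or `any` are found where a text search for the two IPs would miss them. The CSV layout, rule contents and addresses are constructed for illustration, and the check covers only the rulebase, not what else sits on the path between A and B.

```python
import csv
import io
import ipaddress

# Constructed sample rulebase export (hypothetical CSV layout, not a vendor format).
RULEBASE_CSV = """id,source,destination,service,action
1,10.1.0.0/16,10.2.5.20,tcp/443,allow
2,10.1.4.10,10.3.0.0/24,tcp/22,allow
3,any,10.2.5.0/24,tcp/1433,deny
4,192.168.7.0/24,any,any,allow
5,10.2.5.20,10.1.4.10,tcp/8443,allow
"""


def _net(field):
    """Parse a rule address field; 'any' is treated as the whole IPv4 space."""
    value = field.strip()
    if value.lower() == "any":
        value = "0.0.0.0/0"
    return ipaddress.ip_network(value, strict=False)


def rules_between(rulebase_csv, host_a, host_b):
    """Return (rule id, direction, action, exact) for every rule whose
    source/destination objects contain the A/B pair, in either direction."""
    a = ipaddress.ip_address(host_a)
    b = ipaddress.ip_address(host_b)
    hits = []
    for row in csv.DictReader(io.StringIO(rulebase_csv)):
        src, dst = _net(row["source"]), _net(row["destination"])
        for direction, s, d in (("A->B", a, b), ("B->A", b, a)):
            if s in src and d in dst:
                # exact: both objects are single hosts, so a plain text
                # search for the two addresses would also have found the rule
                exact = src.num_addresses == 1 and dst.num_addresses == 1
                hits.append((int(row["id"]), direction, row["action"], exact))
    return hits


if __name__ == "__main__":
    # System A and System B addresses are constructed sample values.
    for rule_id, direction, action, exact in rules_between(
        RULEBASE_CSV, "10.1.4.10", "10.2.5.20"
    ):
        how = "literal host match" if exact else "covered by subnet/any object"
        print(f"rule {rule_id}: {direction} {action} ({how})")
```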